Full disclosure, I’m not at work for a few months so I am far off my crypto system design game. I’m usually pretty good though. :)
Rather than full SSL I was thinking something along the lines of an hmac. Because we can introduce the two devices to each other physically we don’t need to worry too much about a full challenge response. It should be sufficient to send an hmac signed message with an always increasing counter to prevent replays.
Even if we went with challenge response, I think you could get acceptable battery life using symmetric algorithms instead of public key.
Bluetooth security fobs already exist that do far more than would be required for a car key, and they get a few months of battery life with typical daily usage.
Full disclosure, I’m not at work for a few months so I am far off my crypto system design game. I’m usually pretty good though. :)
Rather than full SSL I was thinking something along the lines of an hmac. Because we can introduce the two devices to each other physically we don’t need to worry too much about a full challenge response. It should be sufficient to send an hmac signed message with an always increasing counter to prevent replays.
Even if we went with challenge response, I think you could get acceptable battery life using symmetric algorithms instead of public key.
https://shop.ftsafe.us/collections/security-keys-ble/products/feitian-multipass-fido2-fido-u2f-usb-c-nfc-ble-security-key-k32
Bluetooth security fobs already exist that do far more than would be required for a car key, and they get a few months of battery life with typical daily usage.